Skip to content

Bump the npm_and_yarn group across 2 directories with 16 updates#10

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn-75a63aa73b
Open

Bump the npm_and_yarn group across 2 directories with 16 updates#10
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn-75a63aa73b

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown

Bumps the npm_and_yarn group with 12 updates in the / directory:

Package From To
markdown-it 12.3.2 14.2.0
rollup 2.79.1 2.80.0
koa 2.13.4 3.1.2
playwright 1.28.1 1.61.1
ws 7.5.9 7.5.11
ws 8.14.2 8.21.0
cross-spawn 7.0.3 7.0.6
@tootallnate/once 1.1.2 removed
handlebars 4.7.7 4.7.9
liquidjs 10.7.1 10.27.1
lodash 4.17.21 4.18.1
node-forge 1.3.1 1.4.0
qs 6.11.2 6.15.3

Bumps the npm_and_yarn group with 1 update in the /packages/lit-dev-content directory: markdown-it.

Updates markdown-it from 12.3.2 to 14.2.0

Changelog

Sourced from markdown-it's changelog.

[14.2.0] - 2026-05-24

Added

  • isPunctCharCode to utilities.

Fixed

  • Don't end HTML comment blocks on a blank line, #1155.
  • Properly recognize astral chars (surrogates) in delimiter scans for emphasis-like markers, #1072. Big thanks to @​tats-u for his global efforts with improving CJK support.
  • Preserve unicode whitespaces when trimm headings/paragraphs, #1074.
  • More strict entities decode to avoid false positives ;, #1096.
  • Restore block parser state on fail in lheading rule, #1131.

Security

  • Fixed poor smartquotes perfomance on > 70k quotes in single block
  • Bumped linkify-it to 5.0.1 with fixed potential perfomance issues.

[14.1.1] - 2026-01-11

Security

  • Fixed regression from v13 in linkify inline rule. Specific patterns could cause high CPU use. Thanks to @​ltduc147 for report.

[14.1.0] - 2024-03-19

Changed

  • Updated CM spec compatibility to 0.31.2, #1009.

Fixed

  • Fixed quadratic complexity when parsing references, #996.
  • Fixed quadratic output size with pathological user input in tables, #1000.

[14.0.0] - 2023-12-08

Changed

  • Drop ancient browsers support (use .fromCodePoint and other features).
  • Rewrite to ESM (including all plugins/deps). CJS fallback still available. No signatures changed, except markdown-it-emoji plugin.
  • Dropped dist/ folder from repo, build on package publish.
  • Set punicode.js as external dependency.

Fixed

  • Html tokens inside img alt are now rendered as their original text, #896.
  • Hardbreaks inside img alt are now rendered as newlines.

[13.0.2] - 2023-09-26

Security

  • Fixed crash/infinite loop caused by linkify inline rule, #957.

... (truncated)

Commits

Updates rollup from 2.79.1 to 2.80.0

Changelog

Sourced from rollup's changelog.

2.80.0

2026-02-22

Features

  • Throw when the generated bundle contains paths that would leave the output directory (#6277)

Pull Requests

2.79.2

2024-09-26

Bug Fixes

Pull Requests

Commits

Updates koa from 2.13.4 to 3.1.2

Release notes

Sourced from koa's releases.

v3.1.2

What's Changed

New Contributors

Full Changelog: koajs/koa@v3.1.1...v3.1.2

v3.1.1

What's Changed

Full Changelog: koajs/koa@v3.1.0...v3.1.1

v3.1.0

What's Changed

Full Changelog: koajs/koa@v3.0.3...v3.1.0

v3.0.3

What's Changed

Full Changelog: koajs/koa@v3.0.2...v3.0.3

v3.0.2

What's Changed

New Contributors

Full Changelog: koajs/koa@v3.0.1...v3.0.2

v3.0.1

... (truncated)

Changelog

Sourced from koa's changelog.

[!IMPORTANT] Moving forwards we are using the GitHub releases page at https://github.com/koajs/koa/releases in combination with np for publishing releases and their changelogs.


3.0.0-alpha.3 / 2025-02-11

fixes

  • Avoid redos on host and protocol getter

3.0.0-alpha.2 / 2024-11-04

breaking changes

  • Update http-errors to v2.0.0 #1486
  • Remove res.redirect('back'), add back() method to ctx #1115
  • Replace node querystring with URLSearchParams #1828
  • Remove obsolete createAsyncCtxStorageMiddleware #1817

features

  • Add support for web WHATWG #1830

updates

  • Update cookies to ~0.9.1 #1846
  • Update statuses to ^2.0.1
  • Update supertest to ^7.0.0 #1841

fixes

  • Fix exports.defaults in package.json #1630
  • Fix leaky handles in tests #1838
  • Fix body null checks #1814
  • Fix reformatting redirect URLs #1805 #1804
  • Fix passing ctx in error handler #1758

migrations

  • Migrate from jest to the native node test runner #1845

3.0.0-alpha.1 / 2023-04-12

fixes

3.0.0-alpha.0 / 2023-01-02

Breaking Changes

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for koa since your current version.


Updates playwright from 1.28.1 to 1.61.1

Release notes

Sourced from playwright's releases.

v1.61.1

Bug Fixes

  • #41365 [Bug]: Expect.Extend matcher with same name as default matcher in same expect instance overrides default matchers implementation to custom matcher
  • #41351 [Bug]: Playwright UI mode: apiRequestContext._wrapApiCall reports unexpected number of bytes (same test passes in headed mode)
  • #41360 [Bug]: Trace viewer: message times in websockets are downscaled by 1000
  • #41311 [Bug]: [Regression]: Sync loader throws "context.conditions?.includes is not a function" on Node 22.15
  • #41371 [Regression]: Sync ESM loader (registerHooks) fails to resolve extensionless .ts subpath imports across pnpm workspace symlinks

v1.61.0

🔑 WebAuthn passkeys

New Credentials virtual authenticator, available via browserContext.credentials, lets tests register passkeys and answer navigator.credentials.create() / navigator.credentials.get() ceremonies in the page — no real hardware key required, works in all browsers:

const context = await browser.newContext();
// Seed a passkey your backend provisioned for a test user.
await context.credentials.create('example.com', {
id: credentialId,
userHandle,
privateKey,
publicKey,
});
await context.credentials.install();
const page = await context.newPage();
await page.goto('https://example.com/login');
// The page's navigator.credentials.get() is answered with the seeded passkey.

You can also let the app register a passkey once in a setup test, read it back with credentials.get(), and seed it into later tests — see Credentials for details.

🗃️ Web Storage

New WebStorage API, available via page.localStorage and page.sessionStorage, reads and writes the page's storage for the current origin:

await page.localStorage.setItem('token', 'abc');
const token = await page.localStorage.getItem('token');
const items = await page.sessionStorage.items();

New APIs

Network

Browser and Screencast

... (truncated)

Commits
  • 39e3553 cherry-pick(#41399): fix(test): load require-reached files as commonjs in syn...
  • 4328122 chore: mark v1.61.1 (#41404)
  • 2c29a94 fix(tracing): stop recording websocket frames outside of chunks (#41398)
  • 4324b19 cherry-pick(#41367): fix(test): keep builtin expect matchers on base extend
  • 041e7e3 cherry-pick(#41364): fix(har): WebSocket message timestamps should be in mi...
  • b8a0fc3 cherry-pick(#41309, #43149): Revert "fix(firefox): treat `navigationCommitted...
  • b5a3175 cherry-pick(#41319): fix(loader): support other node versions
  • d4724a9 cherry-pick(#41290): feat(docker): add Ubuntu 26.04 (Resolute Raccoon) image
  • 1cc5a90 cherry-pick(#41295): chore: PLAYWRIGHT_TRACING_NO_WEBSOCKET_FRAMES and PLAYWR...
  • a6772bd cherry-pick(#41280): Revert "fix(trace-viewer): add keyboard navigation to `N...
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for playwright since your current version.


Updates ws from 7.5.9 to 7.5.11

Release notes

Sourced from ws's releases.

7.5.11

Bug fixes

  • Backported 2b2abd45 to the 7.x release line (e14c4586).

7.5.10

Bug fixes

  • Backported e55e5106 to the 7.x release line (22c28763).
Commits

Updates ws from 8.14.2 to 8.21.0

Release notes

Sourced from ws's releases.

7.5.11

Bug fixes

  • Backported 2b2abd45 to the 7.x release line (e14c4586).

7.5.10

Bug fixes

  • Backported e55e5106 to the 7.x release line (22c28763).
Commits

Updates cross-spawn from 7.0.3 to 7.0.6

Changelog

Sourced from cross-spawn's changelog.

7.0.6 (2024-11-18)

Bug Fixes

  • update cross-spawn version to 7.0.5 in package-lock.json (f700743)

7.0.5 (2024-11-07)

Bug Fixes

  • fix escaping bug introduced by backtracking (640d391)

7.0.4 (2024-11-07)

Bug Fixes

Commits
  • 77cd97f chore(release): 7.0.6
  • 6717de4 chore: upgrade standard-version
  • f700743 fix: update cross-spawn version to 7.0.5 in package-lock.json
  • 9a7e3b2 chore: fix build status badge
  • 0852683 chore(release): 7.0.5
  • 640d391 fix: fix escaping bug introduced by backtracking
  • bff0c87 chore: remove codecov
  • a7c6abc chore: replace travis with github workflows
  • 9b9246e chore(release): 7.0.4
  • 5ff3a07 fix: disable regexp backtracking (#160)
  • Additional commits viewable in compare view

Updates @octokit/plugin-paginate-rest from 2.18.0 to 14.0.0

Release notes

Sourced from @​octokit/plugin-paginate-rest's releases.

v14.0.0

14.0.0 (2025-10-31)

Features

  • add immutable releases, enterprise team membership, enterprise team organization endpoints (413e899)

BREAKING CHANGES

  • Remove GET /projects/{project_id}/columns
  • Remove GET /enterprises/{enterprise}/secret-scanning/alerts

v13.2.1

13.2.1 (2025-10-20)

Bug Fixes

v13.2.0

13.2.0 (2025-09-29)

Features

  • new Projects v2 endpoints, new code scanning dismissal endpoints, many other endpoints (#690) (0e236cb)

v13.1.1

13.1.1 (2025-06-27)

Bug Fixes

  • handle url in response when using pagination with compareCommits (#686) (8e5da25)

v13.1.0

13.1.0 (2025-06-16)

Features

  • add paginatantion support for compareCommits and compareCommitsWithBasehead (#678) (6d8ea8a)

v13.0.1

13.0.1 (2025-05-25)

... (truncated)

Commits
  • 413e899 feat: add immutable releases, enterprise team membership, enterprise team org...
  • 3d311d6 chore(deps): update dependency @​types/node to v24 (#701)
  • ba56fbc fix(deps): update @octokit/types (#698)
  • 80745be ci(action): update actions/checkout action to v5 (#687)
  • 0e236cb feat: new Projects v2 endpoints, new code scanning dismissal endpoints, many ...
  • bf19e3e chore(deps): update dependency prettier to v3.6.2 (#685)
  • 4f9fc56 ci(action): update actions/setup-node action to v5 (#688)
  • 8e5da25 fix: handle url in response when using pagination with compareCommits (#686)
  • 6d8ea8a feat: add paginatantion support for compareCommits and `compareCommitsWith...
  • 8ec2713 fix(deps): update @octokit/types - no new paginated endpoints (#680)
  • Additional commits viewable in compare view

Updates @octokit/request from 5.6.3 to 10.0.11

Release notes

Sourced from @​octokit/request's releases.

v10.0.11

10.0.11 (2026-06-29)

Bug Fixes

  • handle primitive JSON error bodies without throwing (#820) (554e102), closes #819

v10.0.10

10.0.10 (2026-05-26)

Bug Fixes

  • remove unused fast-content-type-parse dependency (#808) (25b0838)

v10.0.9

10.0.9 (2026-05-12)

Bug Fixes

  • deps: switch to using the "content-type" package for content type parsing (#807) (a9f64a0)

v10.0.8

10.0.8 (2026-02-20)

Bug Fixes

  • use json-with-bigint instead of built-in JSON methods in order to properly support int64's (#798) (f13f5d9)

v10.0.7

10.0.7 (2025-11-13)

Bug Fixes

  • readme: properly structure the options for custom agent (#786) (f17c1c1), closes #785

v10.0.6

10.0.6 (2025-10-30)

Bug Fixes

  • deps: update dependency @​octokit/types to v16 (#783) (1aeac56)

v10.0.5

10.0.5 (2025-09-29)

... (truncated)

Commits
  • 554e102 fix: handle primitive JSON error bodies without throwing (#820)
  • 14cf144 build(deps-dev): bump undici from 7.24.0 to 7.28.0 (#813)
  • eccf620 chore(deps): update dependency esbuild to v0.28.1 [security] (#809)
  • 25b0838 fix: remove unused fast-content-type-parse dependency (#808)
  • b3d6b0b chore(deps): update dependency esbuild to ^0.28.0 (#804)
  • 7fdf739 ci(action): update actions/create-github-app-token action to v3 (#801)
  • 58b1f87 ci(action): update actions/add-to-project action to v2 (#806)
  • a9f64a0 fix(deps): switch to using the "content-type" package for content type parsin...
  • 4abc280 chore(deps): update dependency undici to v7.24.0 [security] (#800)
  • f13f5d9 fix: use json-with-bigint instead of built-in JSON methods in order to prop...
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​octokit/request since your current version.


Updates @octokit/request-error from 2.1.0 to 7.1.0

Release notes

Sourced from @​octokit/request-error's releases.

v7.1.0

7.1.0 (2025-11-13)

Features

  • inherit options from base Error class to add support for the cause property (#535/#536) (2ea2780)

v7.0.2

7.0.2 (2025-10-30)

Bug Fixes

  • deps: update dependency @​octokit/types to v16 (#533) (e5a75ef)

v7.0.1

7.0.1 (2025-09-29)

Bug Fixes

  • deps: update dependency @​octokit/types to v15 (#522) (4a453f2)

v7.0.0

7.0.0 (2025-05-20)

Continuous Integration

BREAKING CHANGES

  • Drop support for NodeJS v18

  • build: set minimal node version in build script to v20

  • ci: stop testing against NodeJS v18

v6.1.8

6.1.8 (2025-04-10)

Bug Fixes

  • deps: update dependency @​octokit/types to v14 (#505) (ab4ea7b)

v6.1.7

... (truncated)

Commits
  • 2ea2780 feat: inherit options from base Error class to add support for the cause ...
  • ac7b309 chore(deps): update vitest monorepo to v4 (major) (#531)
  • dadc76d ci(action): update peter-evans/create-or-update-comment action to v5 (#525)
  • f57f2e6 build(deps): lock file maintenance (#534)
  • e5a75ef fix(deps): update dependency @​octokit/types to v16 (#533)
  • e5d5de2 chore(deps): update dependency @​types/node to v24 (#532)
  • 8cc127b ci(action): update actions/setup-node action to v6 (#529)
  • b3a876b build(deps): lock file maintenance (#527)
  • cf1817b ci(action): update github/codeql-action action to v4 (#528)
  • 61f1e87 chore(deps): update dependency tinybench to v5 (#519)
  • Additional commits viewable in compare view

Removes @tootallnate/once

Updates handlebars from 4.7.7 to 4.7.9

Release notes

Sourced from handlebars's releases.

v4.7.9

Commits

v4.7.8

  • Make library compatible with workers (#1894) - 3d3796c
  • Don't rely on Node.js global object (#1776) - 2954e7e
  • Fix compiling of each block params in strict mode (#1855) - 30dbf04
  • Fix rollup warning when importing Handlebars as ESM - 03d387b
  • Fix bundler issue with webpack 5 (#1862) - c6c6bbb
  • Use https instead of git for mustache submodule - 88ac068

Commits

Changelog

Sourced from handlebars's changelog.

v4.7.9 - March 26th, 2026

  • fix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2
  • fix type "RuntimeOptions" also accepting string partials - eab1d14
  • feat(types): set hash to be a Record<string, any> - de4414d
  • fix non-contiguous program indices - 4512766
  • refactor: rename i to startPartIndex - e497a35
  • security: fix security issues - 68d8df5

Commits

v4.7.8 - July 27th, 2023

  • Make library compatible with workers (#1894) - 3d3796c
  • Don't rely on Node.js global object (#1776) - 2954e7e
  • Fix compiling of each block params in strict mode (#1855) - 30dbf04
  • Fix rollup warning when importing Handlebars as ESM - 03d387b
  • Fix bundler issue with webpack 5 (#1862) - c6c6bbb
  • Use https instead of git for mustache submodule - 88ac068

Commits

Commits
  • dce542c v4.7.9
  • 8a41389 Update release notes
  • 68d8df5 Fix security issues
  • b2a0831 Fix browser tests
  • 9f98c16 Fix release script
  • 45443b4 Revert "Improve partial indenting performance"
  • 8841a5f Fix CI errors with linting
  • e0137c2 fix: enable shell mode for spawn to resolve Windows EINVAL issue
  • e914d60 Improve rendering performance
  • 7de4b41 Upgrade GitHub Actions checkout and setup-node on 4.x branch
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by jaylinski, a new releaser for handlebars since your current version.


Updates jws from 3.2.2 to 4.0.0

Release notes

Sourced from jws's releases.

v4.0.0

No release notes provided.

v3.2.3

Changed

  • Fix advisory GHSA-869p-cjfg-cm3x: createSign and createVerify now require that a non empty secret is provided (via opts.secret, opts.privateKey or opts.key) when using HMAC algorithms.
  • Upgrading JWA version to 1.4.2, addressing a compatibility issue for Node >= 25.
Commits

Updates liquidjs from 10.7.1 to 10.27.1

Release notes

Sourced from liquidjs's releases.

v10.27.1

10.27.1 (2026-06-23)

Bug Fixes

  • improve round function; improvement to #873 (#901) (956b51e)
  • security: charge pop filter allocation to memoryLimit (#907) (8a0c74a)
  • strip_html: infinite loop for strip_html (5c3522f)

Performance Improvements

  • parser: memoize createTrie to avoid rebuilding tries per Tokenizer (#911) (3a0d80d)

v10.27.0

10.27.0 (2026-05-15)

Features

  • context: null-prototype scope frames via createScope (#899) (47d3f1b)

v10.26.0

10.26.0 (2026-05-14)

Bug Fixes

  • date: cap strftime widths and account padding in memoryLimit (#895) (3129d46)
  • enforce renderLimit for empty renderTemplates calls (#894) (5b9c346)
  • propagate ownPropertyOnly into Context.spawn() for {% render %} (#893) (dbbf628)
  • security: block Object.prototype filter/tag lookups (RCE) (#897) (457fae0)
  • strip html newline tags (#892) (26ea285)
  • strip_html: rewrite as linear single-pass scan to avoid ReDoS (#896) (3616a74)

Features

  • add sha256 and hmac_sha256 filters for cryptographic operations (#889) (1c816d4)

v10.25.7

10.25.7 (2026-04-23)

Bug Fixes

  • filters: support Buffer input in base64_encode to prevent binary data corruption (#881) (0ee6dbb)

v10.25.6

... (truncated)

Changelog

Sourced from liquidjs's changelog.

10.27.1 (2026-06-23)

Bug Fixes

  • improve round function; improvement to #873 (#901) (956b51e)
  • security: charge pop filter allocation to memoryLimit (#907) (8a0c74a)
  • strip_html: infinite loop for strip_html (5c3522f)

Performance Improvements

  • parser: memoize createTrie to avoid rebuilding tries per Tokenizer (#911) (3a0d80d)

10.27.0 (2026-05-15)

Features

  • context: null-prototype scope frames via createScope (#899) (47d3f1b)

10.26.0 (2026-05-14)

Bug Fixes

  • date: cap strftime widths and account padding in memoryLimit (#895) (

Bumps the npm_and_yarn group with 12 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [markdown-it](https://github.com/markdown-it/markdown-it) | `12.3.2` | `14.2.0` |
| [rollup](https://github.com/rollup/rollup) | `2.79.1` | `2.80.0` |
| [koa](https://github.com/koajs/koa) | `2.13.4` | `3.1.2` |
| [playwright](https://github.com/microsoft/playwright) | `1.28.1` | `1.61.1` |
| [ws](https://github.com/websockets/ws) | `7.5.9` | `7.5.11` |
| [ws](https://github.com/websockets/ws) | `8.14.2` | `8.21.0` |
| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |
| [@tootallnate/once](https://github.com/TooTallNate/once) | `1.1.2` | `removed` |
| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.7` | `4.7.9` |
| [liquidjs](https://github.com/harttle/liquidjs) | `10.7.1` | `10.27.1` |
| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |
| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.1` | `1.4.0` |
| [qs](https://github.com/ljharb/qs) | `6.11.2` | `6.15.3` |

Bumps the npm_and_yarn group with 1 update in the /packages/lit-dev-content directory: [markdown-it](https://github.com/markdown-it/markdown-it).


Updates `markdown-it` from 12.3.2 to 14.2.0
- [Changelog](https://github.com/markdown-it/markdown-it/blob/master/CHANGELOG.md)
- [Commits](markdown-it/markdown-it@12.3.2...14.2.0)

Updates `rollup` from 2.79.1 to 2.80.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/v2.80.0/CHANGELOG.md)
- [Commits](rollup/rollup@v2.79.1...v2.80.0)

Updates `koa` from 2.13.4 to 3.1.2
- [Release notes](https://github.com/koajs/koa/releases)
- [Changelog](https://github.com/koajs/koa/blob/master/History.md)
- [Commits](koajs/koa@2.13.4...v3.1.2)

Updates `playwright` from 1.28.1 to 1.61.1
- [Release notes](https://github.com/microsoft/playwright/releases)
- [Commits](microsoft/playwright@v1.28.1...v1.61.1)

Updates `ws` from 7.5.9 to 7.5.11
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@7.5.9...7.5.11)

Updates `ws` from 8.14.2 to 8.21.0
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@7.5.9...7.5.11)

Updates `cross-spawn` from 7.0.3 to 7.0.6
- [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md)
- [Commits](moxystudio/node-cross-spawn@v7.0.3...v7.0.6)

Updates `@octokit/plugin-paginate-rest` from 2.18.0 to 14.0.0
- [Release notes](https://github.com/octokit/plugin-paginate-rest.js/releases)
- [Commits](octokit/plugin-paginate-rest.js@v2.18.0...v14.0.0)

Updates `@octokit/request` from 5.6.3 to 10.0.11
- [Release notes](https://github.com/octokit/request.js/releases)
- [Commits](octokit/request.js@v5.6.3...v10.0.11)

Updates `@octokit/request-error` from 2.1.0 to 7.1.0
- [Release notes](https://github.com/octokit/request-error.js/releases)
- [Commits](octokit/request-error.js@v2.1.0...v7.1.0)

Removes `@tootallnate/once`

Updates `handlebars` from 4.7.7 to 4.7.9
- [Release notes](https://github.com/handlebars-lang/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.7.7...v4.7.9)

Updates `jws` from 3.2.2 to 4.0.0
- [Release notes](https://github.com/brianloveswords/node-jws/releases)
- [Changelog](https://github.com/auth0/node-jws/blob/master/CHANGELOG.md)
- [Commits](auth0/node-jws@v3.2.2...v4.0.0)

Updates `liquidjs` from 10.7.1 to 10.27.1
- [Release notes](https://github.com/harttle/liquidjs/releases)
- [Changelog](https://github.com/harttle/liquidjs/blob/master/CHANGELOG.md)
- [Commits](harttle/liquidjs@v10.7.1...v10.27.1)

Updates `lodash` from 4.17.21 to 4.18.1
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.21...4.18.1)

Updates `node-forge` from 1.3.1 to 1.4.0
- [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md)
- [Commits](digitalbazaar/forge@v1.3.1...v1.4.0)

Updates `qs` from 6.11.2 to 6.15.3
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.11.2...v6.15.3)

Updates `markdown-it` from 12.3.2 to 14.2.0
- [Changelog](https://github.com/markdown-it/markdown-it/blob/master/CHANGELOG.md)
- [Commits](markdown-it/markdown-it@12.3.2...14.2.0)

---
updated-dependencies:
- dependency-name: markdown-it
  dependency-version: 14.2.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 2.80.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: koa
  dependency-version: 3.1.2
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: playwright
  dependency-version: 1.61.1
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: ws
  dependency-version: 7.5.11
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ws
  dependency-version: 8.21.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: cross-spawn
  dependency-version: 7.0.6
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@octokit/plugin-paginate-rest"
  dependency-version: 14.0.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@octokit/request"
  dependency-version: 10.0.11
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@octokit/request-error"
  dependency-version: 7.1.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@tootallnate/once"
  dependency-version:
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: handlebars
  dependency-version: 4.7.9
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: jws
  dependency-version: 4.0.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: liquidjs
  dependency-version: 10.27.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: lodash
  dependency-version: 4.18.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: node-forge
  dependency-version: 1.4.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: qs
  dependency-version: 6.15.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: markdown-it
  dependency-version: 14.2.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants